org.springframework.vault.client.ClientHttpRequestFactoryFactory Java Examples
The following examples show how to use
org.springframework.vault.client.ClientHttpRequestFactoryFactory.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldLoginSuccessfully() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
VaultToken login = authentication.login();
assertThat(login.getToken()).isNotEmpty();
}
Example #2
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldSelectKey() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("changeit".toCharArray(), "1")));
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
VaultToken login = authentication.login();
assertThat(login.getToken()).isNotEmpty();
}
Example #3
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void shouldSelectInvalidKey() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("changeit".toCharArray(), "2")));
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(restTemplate);
assertThatExceptionOfType(NestedRuntimeException.class).isThrownBy(authentication::login);
}
Example #4
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 5 votes |
|
@Test
void loginShouldFail() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
Settings.createSslConfiguration());
RestTemplate restTemplate = VaultClients.createRestTemplate(TestRestTemplateFactory.TEST_VAULT_ENDPOINT,
clientHttpRequestFactory);
assertThatExceptionOfType(NestedRuntimeException.class)
.isThrownBy(() -> new ClientCertificateAuthentication(restTemplate).login());
}
Example #5
| Source File: TestRestTemplateFactory.java From spring-vault with Apache License 2.0 | 5 votes |
|
private static void initializeClientHttpRequestFactory(SslConfiguration sslConfiguration) throws Exception {
if (factoryCache.get() != null) {
return;
}
final ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory
.create(new ClientOptions(), sslConfiguration);
if (factoryCache.compareAndSet(null, clientHttpRequestFactory)) {
if (clientHttpRequestFactory instanceof InitializingBean) {
((InitializingBean) clientHttpRequestFactory).afterPropertiesSet();
}
if (clientHttpRequestFactory instanceof DisposableBean) {
Runtime.getRuntime().addShutdownHook(new Thread("ClientHttpRequestFactory Shutdown Hook") {
@Override
public void run() {
try {
((DisposableBean) clientHttpRequestFactory).destroy();
}
catch (Exception e) {
e.printStackTrace();
}
}
});
}
}
}
Example #6
| Source File: VaultBootstrapConfiguration.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
|
/**
* Creates a {@link ClientFactoryWrapper} containing a
* {@link ClientHttpRequestFactory}. {@link ClientHttpRequestFactory} is not exposed
* as root bean because {@link ClientHttpRequestFactory} is configured with
* {@link ClientOptions} and {@link SslConfiguration} which are not necessarily
* applicable for the whole application.
* @return the {@link ClientFactoryWrapper} to wrap a {@link ClientHttpRequestFactory}
* instance.
*/
@Bean
@ConditionalOnMissingBean
public ClientFactoryWrapper clientHttpRequestFactoryWrapper() {
ClientOptions clientOptions = new ClientOptions(
Duration.ofMillis(this.vaultProperties.getConnectionTimeout()),
Duration.ofMillis(this.vaultProperties.getReadTimeout()));
SslConfiguration sslConfiguration = VaultConfigurationUtil
.createSslConfiguration(this.vaultProperties.getSsl());
return new ClientFactoryWrapper(
ClientHttpRequestFactoryFactory.create(clientOptions, sslConfiguration));
}
Example #7
| Source File: VaultNamespaceTests.java From spring-cloud-vault with Apache License 2.0 | 5 votes |
|
@Before
public void before() {
Assume.assumeTrue("Namespaces require enterprise version",
this.vaultRule.prepare().getVersion().isEnterprise());
List<String> namespaces = new ArrayList<>(Arrays.asList("dev/", "marketing/"));
List<String> list = this.vaultRule.prepare().getVaultOperations()
.list("sys/namespaces");
namespaces.removeAll(list);
for (String namespace : namespaces) {
this.vaultRule.prepare().getVaultOperations()
.write("sys/namespaces/" + namespace.replaceAll("/", ""));
}
this.maketingRestTemplate = RestTemplateBuilder.builder()
.requestFactory(ClientHttpRequestFactoryFactory
.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
VaultTemplate marketing = new VaultTemplate(this.maketingRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(marketing, "marketing-secrets");
marketing.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
this.marketingToken = marketing.opsForToken()
.create(VaultTokenRequest.builder().withPolicy("relaxed").build())
.getToken().getToken();
}
Example #8
| Source File: KubernetesHashicorpVaultClientAuthenticationProvider.java From knox with Apache License 2.0 | 5 votes |
|
private RestOperations getRestOperations(Map<String, String> properties) throws Exception {
String vaultAddress = properties.get(HashicorpVaultAliasService.VAULT_ADDRESS_KEY);
VaultEndpoint vaultEndpoint = VaultEndpoint.from(new URI(vaultAddress));
VaultEndpointProvider vaultEndpointProvider = SimpleVaultEndpointProvider.of(vaultEndpoint);
ClientOptions clientOptions = new ClientOptions();
SslConfiguration sslConfiguration = SslConfiguration.unconfigured();
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(
clientOptions, sslConfiguration);
return VaultClients.createRestTemplate(vaultEndpointProvider, clientHttpRequestFactory);
}
Example #9
| Source File: ClientCertificateAuthenticationIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@Test
void shouldProvideInvalidKeyPassword() {
assertThatIllegalStateException().isThrownBy(() -> ClientHttpRequestFactoryFactory.create(new ClientOptions(),
prepareCertAuthenticationMethod(SslConfiguration.KeyConfiguration.of("wrong".toCharArray(), "1"))));
}
Example #10
| Source File: ClientCertificateNamespaceIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@BeforeEach
void before() {
Assumptions.assumeTrue(prepare().getVersion().isEnterprise(), "Namespaces require enterprise version");
List<String> namespaces = new ArrayList<>(Arrays.asList("dev/", "marketing/"));
List<String> list = prepare().getVaultOperations().list("sys/namespaces");
namespaces.removeAll(list);
for (String namespace : namespaces) {
prepare().getVaultOperations().write("sys/namespaces/" + namespace.replaceAll("/", ""));
}
RestTemplateBuilder devRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
VaultTemplate dev = new VaultTemplate(devRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(dev, "dev-secrets");
dev.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
if (!dev.opsForSys().getAuthMounts().containsKey("cert/")) {
dev.opsForSys().authMount("cert", VaultMount.create("cert"));
}
dev.doWithSession((RestOperationsCallback<Object>) restOperations -> {
File workDir = findWorkDir();
String certificate = Files.contentOf(new File(workDir, "ca/certs/client.cert.pem"),
StandardCharsets.US_ASCII);
Map<String, String> role = new LinkedHashMap<>();
role.put("token_policies", "relaxed");
role.put("policies", "relaxed");
role.put("certificate", certificate);
return restOperations.postForEntity("auth/cert/certs/relaxed", role, Map.class);
});
}
Example #11
| Source File: ClientCertificateNamespaceIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@Test
void shouldAuthenticateWithNamespace() {
ClientHttpRequestFactory clientHttpRequestFactory = ClientHttpRequestFactoryFactory.create(new ClientOptions(),
ClientCertificateAuthenticationIntegrationTestBase.prepareCertAuthenticationMethod());
RestTemplateBuilder builder = RestTemplateBuilder.builder()
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).requestFactory(clientHttpRequestFactory)
.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "dev");
RestTemplate forAuthentication = builder.build();
ClientCertificateAuthentication authentication = new ClientCertificateAuthentication(forAuthentication);
VaultTemplate dev = new VaultTemplate(builder, new SimpleSessionManager(authentication));
dev.write("dev-secrets/my-secret", Collections.singletonMap("key", "dev"));
assertThat(dev.read("dev-secrets/my-secret").getRequiredData()).containsEntry("key", "dev");
}
Example #12
| Source File: VaultNamespaceSecretIntegrationTests.java From spring-vault with Apache License 2.0 | 4 votes |
|
@BeforeEach
void before() {
Assumptions.assumeTrue(prepare().getVersion().isEnterprise(), "Namespaces require enterprise version");
List<String> namespaces = new ArrayList<>(Arrays.asList("dev/", "marketing/"));
List<String> list = prepare().getVaultOperations().list("sys/namespaces");
namespaces.removeAll(list);
for (String namespace : namespaces) {
prepare().getVaultOperations().write("sys/namespaces/" + namespace.replaceAll("/", ""));
}
this.devRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT).customizers(restTemplate -> restTemplate
.getInterceptors().add(VaultClients.createNamespaceInterceptor("dev")));
this.maketingRestTemplate = RestTemplateBuilder.builder()
.requestFactory(
ClientHttpRequestFactoryFactory.create(new ClientOptions(), Settings.createSslConfiguration()))
.endpoint(TestRestTemplateFactory.TEST_VAULT_ENDPOINT)
.defaultHeader(VaultHttpHeaders.VAULT_NAMESPACE, "marketing");
VaultTemplate dev = new VaultTemplate(this.devRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(dev, "dev-secrets");
dev.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
this.devToken = dev.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build()).getToken()
.getToken();
VaultTemplate marketing = new VaultTemplate(this.maketingRestTemplate,
new SimpleSessionManager(new TokenAuthentication(Settings.token())));
mountKv(marketing, "marketing-secrets");
marketing.opsForSys().createOrUpdatePolicy("relaxed", POLICY);
this.marketingToken = marketing.opsForToken().create(VaultTokenRequest.builder().withPolicy("relaxed").build())
.getToken().getToken();
}
Example #13
| Source File: AbstractVaultConfiguration.java From spring-vault with Apache License 2.0 | 2 votes |
|
/**
* Create a {@link ClientFactoryWrapper} containing a {@link ClientHttpRequestFactory}
* . {@link ClientHttpRequestFactory} is not exposed as root bean because
* {@link ClientHttpRequestFactory} is configured with {@link ClientOptions} and
* {@link SslConfiguration} which are not necessarily applicable for the whole
* application.
* @return the {@link ClientFactoryWrapper} to wrap a {@link ClientHttpRequestFactory}
* instance.
* @see #clientOptions()
* @see #sslConfiguration()
*/
@Bean
public ClientFactoryWrapper clientHttpRequestFactoryWrapper() {
return new ClientFactoryWrapper(ClientHttpRequestFactoryFactory.create(clientOptions(), sslConfiguration()));
}
